Printing apparatus and printing system

ABSTRACT

There is provided a printing apparatus including: a storage section configured to store printing data; an accepting section configured to accept an issuance instruction to issue a password corresponding to the printing data; a password generating section configured to generate a password; an obtaining section configured to obtain a destination corresponding to the printing data; a transmission section configured to transmit the generated password to the destination, on condition that the accepting section accepts the issuance instruction; an input section configured to accept an input of a password by a user; a judgment section configured to judge as to whether or not a password accepted by the input section is coincident with the transmitted password; and a printing section configured to start printing in a case that the judgment section judges that the accepted password is coincident with the transmitted password.

CROSS REFERENCE TO RELATED APPLICATION

The present application claims priority from Japanese Patent ApplicationNo. 2011-160450, filed on Jul. 22, 2011, the disclosure of which isincorporated herein by reference in its entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a printing apparatus and a printingsystem and in particular, to a printing apparatus and a printing systemwhich stores printing data in the printing apparatus and performsprinting of the printing data when an input by a user is accepted.

2. Description of the Related Art

There has been conventionally known a remote printing technique asfollows. That is, printing data is transmitted to a printing apparatusfrom a terminal device such as a PC, a mobile phone, etc., and theprinting apparatus stores the printing data to come into a standbystate. Then, printing is started when a user carries out a printinginstruction of the printing data to the printing apparatus. In therecent years, the remote printing technique as described above is widelyused with the popularization of public wireless LAN service. Forexample, the printing data is transmitted, in advance, to the printingapparatus of a public facility such as a railroad station, an airport,etc., and thereby making it possible for the user to obtain a printedmatter of the printing job there.

In the remote printing technique as described above, there is fear thatthe printing apparatus is operated by a third party. Thus, a problemarises such that confidentiality is lowered. In view of this, forexample, Japanese Patent Application Laid-open No. 2007-196481 disclosesthat the printing apparatus which receives the printing data generates apassword, that the password is notified to a source device or anoriginating device of the printing data, and that the printing of theprinting data which corresponds to the password is started when thepassword inputted by the user is verified or authenticated.

SUMMARY OF THE INVENTION

However, the conventional remote printing technique described above hasthe following problem. That is, in the technique described above, ittakes time, in some cases, after the user confirms the password in theoriginating device of the printing data until the user moves to theprinting apparatus to input the password. Therefore, there is apossibility that the password is leaked to the third party and there isscope to further improve the confidentiality.

The present teaching has been made in order to solve the problem on theconventional remote printing technique as described above, an object ofwhich is to provide a printing apparatus and a printing system, each ofwhich has a low possibility of a leak of a password to a third party.

According to the first aspect of the present teaching, there is provideda printing apparatus which performs printing on a medium based on apiece of printing data, the apparatus including:

a storage section configured to store printing data;

an accepting section configured to accept an issuance instruction toissue a password corresponding to the printing data;

a password generating section configured to generate a password;

an obtaining section configured to obtain a destination corresponding tothe printing data;

a transmission section configured to transmit the password generated bythe password generating section to the destination obtained by theobtaining section, on condition that the accepting section accepts theissuance instruction;

an input section configured to accept an input of a password by a user;

a judgment section configured to judge as to whether or not a passwordaccepted by the input section is coincident with a transmitted passwordtransmitted by the transmission section; and

a printing section configured to start printing based on the printingdata corresponding to the transmitted password, in a case that thejudgment section judges that the password accepted by the input sectionis coincident with the transmitted password. The printing apparatusaccording to the present teaching may further include an operationsection through which an input operation by the user is accepted, andthe accepting section may accept the issuance instruction by the inputoperation to the operation section.

The printing apparatus according to the present teaching stores theprinting data in the storage section. For example, when the issuanceinstruction of the password of the printing data is accepted by an inputoperation to an operation section, the printing apparatus generates thepassword of the printing data. Then, the printing apparatus of thepresent teaching transmits the generated password to the destinationcorresponding to the printing data. After transmitting the password, theprinting apparatus of the present teaching accepts the input of thepassword by the user. In the case that the inputted password iscoincident with the transmitted password, the printing of the printingdata corresponding to the password is started.

That is, in the printing apparatus of the present teaching, the passwordof the printing data is transmitted to the destination (for example, amobile device carried by the user of the printing data) corresponding tothe printing data, on the condition that the issuance instruction of thepassword is accepted by, for example, the operation of the operationsection by the user. In this configuration, in a case that the issuanceinstruction is performed in a state that the user carries thedestination device, the user receives the password in the vicinity ofthe printing apparatus. Accordingly, it can be expected to shorten atime after the password is obtained by the user and before the passwordis inputted by the user. Thus, it can be expected to reduce thepossibility of the leak of the password to a third party.

According to the second aspect of the present teaching, there isprovided a printing system which performs printing on a medium based onprinting data, the system including:

a printing apparatus which includes:

-   -   a storage section configured to store printing data;    -   an operation section configured to accept an input operation by        a user; and    -   an accepting section configured to accept an issuance        instruction to issue a password corresponding to the printing        data by the input operation to the operation section of the        printing apparatus;

a password generating section configured to generate a password;

an obtaining section configured to obtain a destination corresponding tothe printing data; and

a transmission section configured to transmit the password generated bythe password generating section to the destination obtained by theobtaining section, on condition that the accepting section of theprinting apparatus accepts the issuance instruction;

wherein the printing apparatus performs the printing on condition thatthe password corresponding to the printing data is coincident with apassword inputted by the user.

According to the third aspect of the present teaching, there is provideda printing apparatus which performs printing on a medium based onprinting data, including:

an image forming section configured to form an image on the medium basedon printing data;

a storage section configured to store the printing data;

an interface section configured to communicate with an external device;

an operation section configured to accept an instruction input by auser;

a controller configured to control the image forming section, thestorage section, the interface section and the operation section, andconfigured to:

-   -   accept an issuance instruction to issue a password corresponding        to the print data via the operation section;    -   obtain information of an external device as a destination for        transmitting the password corresponding to the printing data;    -   generate a password;    -   transmit the generated password to the external device obtained        as the destination for transmitting the password, on condition        that the controller accepts the issuance instruction via the        operation section;    -   accept an input of a password by a user via the operation        section;    -   judge whether or not the password accepted via the operation        section is coincident with the transmitted password transmitted        to the external device as the destination for transmitting the        password; and

start printing based on the printing data corresponding to thetransmitted password, in a case that the controller judges that thepassword accepted by the operation section is coincident with thetransmitted password.

According to the present teaching, it can be realized a printingapparatus and a printing system, each of which has a low possibility ofa leak of a password to a third party.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram showing an electrical structure of a printeraccording to an embodiment.

FIG. 2 is a block diagram schematically showing operation of a printingsystem according to the first embodiment.

FIG. 3 is a flowchart showing a procedure of a password issuance processaccording to the first embodiment.

FIG. 4 is a diagram showing an example of registration of a database inwhich destination information is stored.

FIG. 5 is a diagram showing an example of registration of a database inwhich an issuance condition is stored.

FIG. 6 is a flowchart showing a procedure of a print accepting processaccording to the first embodiment.

FIGS. 7A and 7B are flowcharts showing a procedure of the passwordissuance process according to the second embodiment.

FIG. 8 is a diagram showing an example of registration of a database inwhich notice destination information is stored.

FIG. 9 is a diagram showing an example of a screen of a PC when apassword issuance notice is received.

FIG. 10 is a block diagram schematically showing operation of a printingsystem according to the third embodiment.

FIG. 11 is a block diagram schematically showing operation of a printingsystem according to the fourth embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

An explanation will be made in detail with reference to the accompanyingdrawings about embodiments in which a printing apparatus according tothe present teaching is embodied. In this embodiment, the presentteaching is applied to a printer connected to a personal computer (PC).

[Structure of Printer]

As shown in FIG. 1, a printer 100 (an example of a printing apparatus)according to this embodiment includes a controller 30 provided with aCPU 31, a ROM 32, a RAM 33, and a NVRAM (non-volatile RAM) 34. Further,the controller 30 is electrically connected to an image forming section10 which prints an image on a paper sheet, an operation panel 40 onwhich an operation state is displayed and through which an inputoperation by a user is accepted, a network interface 37, a USB interface38, and a wireless communication interface 39. Noted that it is notindispensable to electrically connect the controller 30 to thecomponents described above, provided that the controller 30 is connectedto communicate with these components.

The ROM 32 stores firmware which is a control program for controllingthe printer 100, various settings, an initial value, etc. The RAM 33 andthe NVRAM 34 (examples of a storage section) are utilized as a work areaat which the various control programs are loaded or as a storage areawhich temporarily stores printing data.

The CPU 31 (an example of an accepting section, a generating section, anobtaining section, a transmission section, a judgment section, aconfidentiality judgment section, a position judgment section, a firsttransmission prohibition section, a determining section, a secondtransmission prohibition section, a time judgment section, a first printprohibition section, a notifying section, an instruction acceptingsection, a second print prohibition section, an expansion section, and aprohibition section) controls each component of the printer 100, whilestoring, in the RAM 33 or the NVRAM 34, a processing result processed inaccordance with the control program read from the ROM 32 and/or a signalfrom each of the sensors.

The network interface 37, the USB interface 38, and the wirelesscommunication interface 39 are interfaces which make it possible tocommunicate the printer with any other device. The printer 100 receivesthe printing data transmitted from any other device via theseinterfaces.

In this embodiment, the printer 100 can communicate with a personalcomputer (PC) 200 and a server 300 via the network interface 37. Inaddition to that, any other device can be used via the USB interface 38.For example, in a case that a flash memory is installed to the USBinterface 38, the flash memory can be used as a storage area.

The image forming section 10 (an example of a printing section) may beeither the electro photography system or the ink-jet system, providedthat the image can be printed on the paper sheet. Further, the imageforming section 10 may form either a color image or a monochrome (blackand white) only.

The operation panel 40 (an example of an operation section, an inputsection) includes various buttons through which the input operation bythe user is accepted and a touch panel display on which characterinformation, buttons, etc., are displayed. The various buttons include,for example, an OK button through which the user carries out instructionto start the printing operation and a cancel button through which theuser carries out instruction to cancel the printing operation.

First Embodiment

[Structure of Printing System]

Subsequently, an explanation will be made with reference to FIG. 2 aboutthe structure and operation of a printing system 900 which includes theprinter 100.

In the printing system 900, when the PC 200 accepts the printinginstruction from the user, a printer driver 210 installed into the PC200 creates a printing job. Then, the printing job is transmitted to theprinter 100 from the PC 200 (see “A: printing job” of FIG. 2).

The printing job includes, in addition to the printing data as the printobjective, information to identify the printing job, information toidentify the user who enters the printing job, security information, andpassword information. The password information includes, for example, aterm of validity of the password. The password information may be set bythe input operation of the user or may be set by the printer driver 210automatically. As the information included in the printing job, thepassword information is not necessarily indispensable. For example, in acase that the term of validity of the password is not included in theprinting job, the printer 100 determines the term of validity of thepassword.

In a case that the printing job is entered into the printer 100, theprinting job is stored in a memory area (memory region), of the printer100, reserved for storing the printing job. The memory area isconfigured to include the RAM 33 and/or the NVRAM 34. In a case that anexternal memory 340, such as a USB memory or an external hard disk drive(HDD), is connected to the printer 100, a memory area reserved for theexternal memory may be included in the memory area 110 of the printer100.

After the printing job is stored in the memory area of the printer 100,the printer 100 comes into a standby state to wait for an issuanceinstruction of the password for the printing job. That is, the printer100 does not start the printing of the printing job at a stage when theprinter 100 received the printing job.

In this embodiment, in a case that the user operates the operation panel40 to select the printing job of the password issuance objective, theprinter 100 displays, on the touch panel display of the operation panel40, a password issuance button 41 to issue the password. When the userpresses the password issuance button 41, the issuance instruction of thepassword for the selected printing job is inputted into the printer 100(see “B: password issuance instruction” of FIG. 2).

When the printer 100 accepts that the password issuance button 41 ispressed, the printer 100 generates the password for the printing job totransmit the password to a mobile device 400 (see “C: password” and “D:password” of FIG. 2). In this embodiment, the server 300 functions as amail server, and an e-mail send from the printer 100 is transmitted tothe mobile device 400 via the server 300. That is, the printer 100transmits the password for the printing job to a device which isdifferent from the PC 200 from which the printing job was entered. Thedestination of the password for each user is registered in the printer100 in advance, and is determined in accordance with the user of theprinting job.

That is, after the user entered the printing job into the printer 100,the user moves to a place at which the printer 100 is provided. In thissituation, the user carries a device (for example, the mobile device400) by which the password issued by the printer 100 is received. Then,the user operates the operation panel 40 of the printer 100 to select adesired printing job, and presses the password issuance button 41. Themobile device 400 carried by the user receives the password issued bythe printer 100, and the password is confirmed by the user. The mobiledevice 400 can receive the password by using, for example, the e-mail,infrared ray communication, Bluetooth, etc. After confirming thepassword, the user inputs the password received by the mobile device 400into the printer 100.

In a password obtaining procedure described above, not only the thirdparty but also the user who entered the printing job can not know thepassword corresponding to the printing job, until the mobile device 400receives the password. Further, the password is generated by the printer100, and then is transmitted to the mobile device 400 carried by theuser. Thus, no one can know the password through the PC 200 when theuser who entered the printing job is away from the PC 200. Therefore,the password is less likely to be leaked and is highly safe and secure.

After transmitting the password, the printer 100 accepts the input ofthe password. After the user inputs the password, the printer 100 checksthe password inputted by the user against the password transmitted tothe mobile device 400. The printing of the printing job corresponding tothe password is started on the condition that the password inputted bythe user is coincident with the password transmitted to the mobiledevice 400.

[Control of Printer]

Subsequently, an explanation will be made about the control of theprinter 100 which realizes the operation of the above-described printingsystem 900. As described above, the operation of the printer 100includes the operation to issue the password and the operation to startthe printing of the printing data corresponding to the password afterthe issuance of the password. Hereinbelow, an explanation will be givenwhile being focused on the above two operations.

[Password issuance Process]

At first, an explanation will be made with reference to a flowchart ofFIG. 3 about a procedure of a password issuance process (an example ofthe password generating section, the obtaining section, the transmissionsection, the confidentiality judgment section, the position judgmentsection, the first transmission prohibition section, the determiningsection, and the second transmission prohibition section) which is theoperation to issue the password. The password issuance process isexecuted by the CPU 31 when the password issuance button 41 displayed onthe touch panel display of the operation panel 40 is pressed.

In the password issuance process, at first, the CPU 31 judges as towhether or not a security level of the printing job to be subjected tothe password issuance is high (S101, an example of the confidentialityjudgment section). In a case that the user enters the printing job fromthe PC 200, the user is capable of setting the security level of theprinting job. Then, the security level set by the user is added to theprinting job as the security information. In the process S101, the CPU31 judges as to whether or not the security level is high.

Next, the CPU 31 obtains password destination information based on thesecurity level. As shown in FIG. 4, the printer 100 has a destinationdatabase 341 in which e-mail addresses of respective users, each ofwhich is the password destination, are stored. The CPU 31 obtains thedestination information corresponding to the user of the printing job tobe subjected to the password issuance.

In the destination database 341, at least one destination is stored foreach user. In particular, user ID, the first destination, the seconddestination, and a transmission setting under a high security are storedas one record in the destination database 341. In the user ID, theinformation to identify the user is stored. In the first destination,the e-mail address as the destination of the password is stored. In acase that a plurality of destinations are stored in the firstdestination, the password is simultaneously transmitted to the pluralityof destinations. Further, in the second destination, another e-mailaddress, to which the password is retransmitted in a case that thetransmission to the first destination is unsuccessful, is stored. In acase that the second destination is not stored, even when thetransmission to the first destination is unsuccessful, the password isnot retransmitted. As to the transmission setting under the highsecurity, a symbol “o” means that the password is transmitted even whenthe security level is high, and a symbol “x” means that the password isnot transmitted when the security level is high.

In view of the above, in a case that the destination information isobtained and that the security level of the printing job is high (S101:YES), the CPU 31 extracts only the destination, in which thetransmission setting under the high security is “o”, from among thedestinations corresponding to the user of the printing job (S102, anexample of the obtaining section). On the other hand, in a case that thesecurity level of the printing job is not high (S101: NO), the CPU 31extracts all of the destinations corresponding to the user of theprinting job, irrespective of the transmission setting under the highsecurity (S111, an example of the obtaining section). That is, in thecase that the security level of the printing job is high, the number ofdestinations is decreased and the confidentiality of the printing datais increased. On the other hand, in the case that the security level ofthe printing job is low, the number of destinations is increased to makeit easy to receive the password. That is, reliability of start of theprinting is enhanced.

After the CPU 31 obtains the destination information in the process S102or the process S111, the CPU 31 judges as to whether or not an issuancecondition to issue the password is satisfied (S103, an example of theposition judgment section, the determining section). As shown in FIG. 5,the printer 100 has a condition database 342 in which various issuanceconditions are stored. In the process S103, the CPU 31 judges as towhether or not the various issuance conditions in the condition database342 are satisfied.

In particular, conditions in relation to an issuance area and anissuance time are stored in the condition database 342 of thisembodiment shown in FIG. 5. The issuance area is a condition in relationto a position of the device as the destination. For example, a distancefrom the printer 100 and a specific location are set as the issuancearea. For example, in a setting “within 5 m” as shown in FIG. 5, in acase that the destination device is located within 5 m from the printer100, the condition is satisfied. In a case that the destination deviceis not located within 5 m from the printer 100, the condition is notsatisfied. Information of the destination device is set by anotherdatabase. The positions of the destination device and the printer 100can be obtained by a publicly known position measurement technique, suchas GPS. Further, even if the position of the device can not be obtainedaccurately, it is possible to know as to whether or not the destinationdevice is located within a predetermined range from the printer 100 byusing a publicly known wireless technique, such as Bluetooth, RFID, etc.By limiting the issuance area as described above, it is possible toavoid the transmission of the password in a case that the third partywho does not have the destination device of the password presses thepassword issuance button 41.

Further, the issuance time is a condition in relation to a time at whichthe password issuance button 41 is pressed. A period of time in whichthe transmission of the password is permitted is set as the issuancetime. In a case that the time at which the password issuance button 41is pressed is within the period of time set as the issuance time, thecondition is satisfied. In a case that the time at which the passwordissuance button 41 is pressed is not within the period of time set asthe issuance time, the condition is not satisfied. By limiting theissuance time as described above, it is possible to avoid thetransmission of the password in a case that the third party presses thepassword issuance button 41 during an unexpected period of time.

A plurality of conditions can be set in the issuance area and theissuance time, respectively. Further, a setting for validating thecondition or a setting for invaliding the condition can be made for eachof the conditions. The CPU 31 judges as to whether or not the conditionis valid for each issuance area and each issuance time. As for theissuance area, the CPU judges that the condition of the issuance area issatisfied provided that at least one condition of the issuance area issatisfied. Also, as for the issuance time, the CPU judges that thecondition of the issuance time is satisfied provided that at least onecondition of the issuance time is satisfied.

In the condition database 342 of this embodiment, the condition forpermitting the password issuance is stored. However, it is allowable tostore the condition for prohibiting the password issuance. That is, thecondition, by which the CPU 31 can judge as to whether or not thepassword issuance is permitted, may be stored in the condition database342.

In a case that at least one issuance condition of the issuance area andthe issuance time is not satisfied (S103: NO), the CPU 31 reports to theuser that the at least one issuance condition is not satisfied (S121).Then, the password issuance process is completed without issuing thepassword (an example of the first transmission prohibition section, thesecond transmission prohibition section). The report process in theprocess S121 includes, for example, that a text message is displayed onthe touch panel display of the operation panel 40.

In a case that both of the issuance conditions of the issuance area andthe issuance time are satisfied (S103: YES), the CPU 31 generates thepassword (S104, an example of the password generating section). Thepassword is issued for each password issuance instruction. The issuedpassword is valid only for the printing job to be subjected to thepassword issuance. The password is generated by combining a plurality ofnumbers and/or symbols which are selected by a random sampling by theprinter 100. After the password is generated, the password is correlatedwith the printing job and is stored by the CPU 31 (S105).

Thereafter, the CPU 31 transmits the password generated in the processS104 to the destination obtained in the process S102 or the process S111(S106, an example of the transmission section). In particular, the CPU31 transmits text information in which the password is described via thee-mail to the first destination(s) obtained in the process S102 or theprocess S111.

After the process S106, the CPU judges as to whether or not the e-mailtransmission is successful (S107). Whether or not the e-mailtransmission is successful can be judged, for example, based on aresponse from the mail server. Further, in a case that the destinationdevice has a function to provide a response indicating that the e-mailwas opened, whether or not the e-mail transmission is successful canalso be judged based on presence or absence of the response.

In a case that the e-mail transmission is unsuccessful (S107: NO), theCPU 31 judges as to whether or not, in addition to the destination towhich the e-mail was unsuccessfully transmitted, another destination towhich the e-mail is retransmitted is set (S131). In particular, the CPU31 judges as to whether or not the second destination, which isalternative to the destination to which the e-mail was unsuccessfullytransmitted, is set. In a case that the destination to which the e-mailis retransmitted is set (S131: YES), the password is transmitted to thesecond destination (S141). After the process S141, the process isshifted to the process S107 and the CPU 31 judges as to whether or notthe retransmission is successful.

In a case that the destination to which the e-mail is retransmitted isnot set (S131: No), the CPU 31 reports to the user that the transmissionof the password is unsuccessful (S132). Then, the password issuanceprocess is completed without starting the printing. In this embodiment,the third destination, to which the e-mail is retransmitted in a casethat the transmission to the second destination is unsuccessful, is notset. Therefore, in the case that the transmission to the seconddestination in the process S141 is unsuccessful, it is judged that stillanother destination to which the e-mail is retransmitted is not set.

On the other hand, in a case that the e-mail transmission is successful(S107: YES), a print accepting process to start the printing of theprinting job is started by the CPU 31 (S108). After the process S108,the password issuance process is completed by the CPU 31.

[Print Accepting Process]

Subsequently, a procedure of a print accepting process (an example ofthe input section, the judgment section, the printing section, the timejudgment section, the first print prohibition section, and the expansionsection) to start the printing of the printing job will be explainedwith reference to a flowchart of FIG. 6. The print accepting process isexecuted by the CPU 31 when the issuance of the password is successfulin the password issuance process.

In the print accepting process, at first, the CPU 31 displays, on thetouch panel display of the operation panel 40, an accepting screen toaccept the input of the password (S161). Then, expansion of the printingdata included in the printing job into bitmap image data is started sothat the printing can be started immediately after the input of thepassword (S162, an example of the expansion section). Note that theprocess S162 may be executed before the process S161 is executed.Alternatively, the process S162 may be executed immediately after thepassword is transmitted (immediately after the process S106) in thepassword issuance process. That is, the start of the printing may beaccelerated by starting the expansion of the printing data prior to thestart of the printing of the process S167 (as will be described lateron) on condition of the transmission of the password.

Next, the CPU 31 judges as to whether or not a validated time of thepassword issued in the process S106 has elapsed, that is, as to whetheror not an elapsed time after the password is transmitted exceeds thevalidated time of the password (S163, an example of the time judgmentsection). In a case that the validated time of the password is set inthe printing job, said validated time is used. On the other hand, in acase that the validated time of the password is not set in the printingjob, a validated time which is set in the printer 100 is used.

In a case that the validated time of the password has elapsed (S163:YES), the CPU 31 reports to the user that the validated time of thepassword has elapsed (S171). Then, the CPU 31 deletes the expansion data(S172), and the print accepting process is completed (an example of thefirst print prohibition section) without staring the printing.

In a case that the validated time of the password does not elapse (S163:NO), the CPU 31 judges as to whether or not a cancel instruction is made(S164). The cancel instruction corresponds to that the cancel buttonprovided on the operation panel 40 is pressed. In a case that the cancelinstruction is made (S164: YES), the CPU 31 reports to the user that thecancel instruction is accepted (S181). Then, the CPU 31 deletes theexpansion data (S172), and the print accepting process is completedwithout staring the printing.

In a case that the cancel instruction is not made (S164: NO), the CPU 31judges as to whether or not the password is inputted by the user (S165,an example of the input section). In a case that the password is notinputted by the user (S165: NO), the process is shifted to the processS163 and the CPU 31 again judges as to whether or not the validated timeof the password has elapsed.

On the other hand, in a case that the password is inputted (S165: YES),the CPU 31 judges as to whether or not the inputted password iscoincident with the transmitted password (S166, an example of thejudgment section). In a case that the inputted password is notcoincident with the transmitted password (S166: NO), the CPU 31 reportsto the user that the password was erroneously inputted (S191). Theprocess is shifted to the process S165 and the re-input of the passwordis encouraged.

In a case that the inputted password is coincident with the transmittedpassword (S166: YES), the CPU 31 starts the printing of the printingdata of the printing job corresponding to the password (S167, an exampleof the printing section). After the process S167, the print acceptingprocess is completed by the CPU 31.

As described above, in the printing system 900 of the first embodiment,the password corresponding to the selected printing job is transmittedto the destination corresponding to the user of the printing job (forexample, the mobile device 400), on the condition that the user pressesthe password issuance button 41 of the printer 100. That is, thepassword is not issued during a time after the user is away from the PC200 and before the user arrives at the printer 100. The password isissued in a state that the user is likely to be present in front of theprinter 100. Accordingly, it can be expected that a time after thepassword is obtained by the user and before the password is inputted bythe user is shortened. Thus, the printing system 900 of the firstembodiment has a low possibility of the leak of the password to thethird party.

Further, in the printing system 900 of the first embodiment, even if thethird party presses the password issuance button 41, the third party isless likely to obtain the password. This is because the password istransmitted to the preset destination. Thus, the confidentiality of theprinting data is high.

Second Embodiment

[Password Issuance Process]

Subsequently, an explanation will be made with reference to flowchartsof FIGS. 7A and 7B about another embodiment of the password issuanceprocess. In the password issuance process of the second embodiment, in acase that the password is issued, the fact of the password issuance isnotified to the device from which the printing job was entered. In thefollowing description, the processes, which are the same as orequivalent to those of the first embodiment, are designated by the samereference numerals, any explanation of which will be omitted asappropriate.

The processes S101 to S106 (namely, to the password transmissionprocess) of the password issuance process of the second embodiment arethe same as those of the password issuance process of the firstembodiment. After the process S106, the CPU 31 obtains a noticedestination which corresponds to the user of the selected printing job(S206). As shown in FIG. 8, the printer 100 has a notice destinationdatabase 343 in which IP addresses of respective users, each of which isthe notice destination, are stored. The CPU 31 is capable of obtainingnotice destination information corresponding to the user of the printingjob to be subjected to the password issuance.

Next, the CPU 31 notifies, to the notice destination obtained in theprocess S206, that the password is transmitted (S207, an example of thenotifying section). This notice is referred to as a “password issuancenotice”. With the password issuance notice, the fact of the passwordissuance is notified to the device from which the printing job wasentered. After the CPU 31 sends the password issuance notice in theprocess S207, the process is shifted to the process S107. The processessubsequent to the process S107 are the same as those of the firstembodiment.

As shown in FIG. 9, in the device from which the printing job wasentered and by which the password issuance notice is received(hereinafter it is assumed that the password issuance notice is receivedby the PC 200), a message box 230 in which a message to confirm theissuance of the password is described is displayed on a display 220 ofthe PC 200. The massage box 230 is displayed, for example, by a residentprogram incorporated in the PC 200.

In addition to the massage, an OK button 231 and a cancel button 232 aredisplayed on the message box 230. In a case that the user presses the OKbutton 231, the PC 200 closes the message box 230. On the other hand,the user presses the cancel button 232, the PC 200 closes the messagebox 230 and transmits a cancel instruction to cancel the printing to theprinter 100. It is noted that the content displayed on the message box230 is merely an example, and the present teaching is not limitedthereto.

The printer 100 cancels the printing operation when the printer 100accepts the cancel instruction from the PC 200 (an example of theinstruction accepting section, the second print prohibition section).Further, in a case that the printing operation is not yet started by theprinter 100, the CPU 31 accepts the cancel instruction in the processS164 (an example of the instruction accepting section) during the printaccepting process (see FIG. 6). Then, it is reported that the cancelinstruction was accepted in the print accepting process (S181), theexpansion data is deleted (S172), and the print accepting process iscompleted (an example of the second print prohibition section) withoutstarting the printing operation.

As described above, the printing system of the second embodimentnotifies the transmission of the password to the device from which theprinting job was entered. By doing so, even if the password issuanceinstruction is made by the third party, the user having the printingdata is more likely to know that. Further, in a case that the userhaving the printing data accepts the notice, the user can transmit thecancel instruction from the PC 200 to the printer 100. Accordingly, theconfidentiality of the printing data is increased.

That is, in the first embodiment described above, even if the passwordissuance instruction is inputted by the third party, in a case that thethird party does not have the mobile device by which the password isreceived, the third party never knows the password. Thus, the printingof the printing data can not be started by the third party. However, inthe event that the third party has the mobile device, there is fear thatthe password is leaked and the printing is started. In view of this, inthe second embodiment, the cancel instruction is allowed to betransmitted from the PC 200 which is an originating device of theprinting data. By doing so, even if the third party has the mobiledevice and can obtain the password, it can be expected to avoid that theprinting data is printed completely.

Third Embodiment

[Structure of Printing System]

Subsequently, an explanation will be made with reference to FIG. 10about another embodiment of the operation of the printing system. In aprinting system 910 of the third embodiment, the password issuanceinstruction is inputted from the mobile device 400 to the printer 100via wireless communication. In this regard, the third embodiment isdifferent from the first embodiment in which the password issuanceinstruction is inputted by the input operation of the user through theoperation panel 40 of the printer 100.

In the printing system 910 of the third embodiment, at first, theprinting job is entered from the PC 200 to the printer 100 (see “A:printing job” of FIG. 10). Then, the password issuance instruction for aspecific printing job stored in the printer 100 is inputted by remoteoperation from the mobile device 400 to which the password of theprinting job is transmitted (see “B: password issuance instruction” ofFIG. 10). A publicly known wireless communication technique, such as theinfrared ray communication or the wireless LAN, can be used in the inputof the password issuance instruction from the mobile device 400 to theprinter 100.

The printing job may be selected as follows. That is, for example, themobile device 400 obtains a printing job list from the PC 100 and theuser selects one from among the printing job list. Alternatively, byinputting the user ID from the mobile device 400, the printer 100selects the printing job corresponding to the user ID automatically.

After the user entered the printing job to the printer 100, the usermoves to a place at which the printer 100 is disposed while carrying thedevice by which the password issued from the printer 100 is received(for example, the mobile device 400). Then, the user operates the mobiledevice 400 near the printer 100 to input the password issuanceinstruction for the desired printing job.

In a case that the printer 100 accepts the password issuance instructionfrom the mobile device 400, the printer 100 creates the password for theprinting job and transmits the password to the mobile device 400 (see“C: password” and “D: password” of FIG. 10).

In the third embodiment, the password issuance instruction can beinputted by the remote operation from the mobile device 400. Thus, it ispossible for the user to input the password issuance instruction even ata place away from the printer 100. Therefore, there is a high risk ofthe leak of the password.

In view of this, in the third embodiment, the following condition isindispensable to issue the password. That is, the mobile device 400 islocated within the predetermined range from the printer 100 at theprocess to judge the issuance condition (S103) in the password issuanceprocess (see FIG. 3). In a case that the mobile device 400 is locatedwithin the predetermined range from the printer 100, the CPU 31 permitsthe issuance of the password. In a case that the mobile device 400 isnot located within the predetermined range from the printer 100, theissuance of the password is not permitted. By doing so, it is possibleto reduce the risk of the leak of the password. Further, similar to thefirst embodiment, it can be expected that the time after the password isobtained by the user and before the password is inputted by the user isshortened.

Thereafter, the mobile device 400 receives the password, and thereby theuser knows the password corresponding to the printing job and inputs thepassword received by the mobile device 400 to the printer 100.

After transmitting the password, the printer 100 executes the printaccepting process to accept the input of the password. After the inputof the password by the user, the printer 100 checks the passwordinputted by the user against the password transmitted to the mobiledevice 400. Based on the condition that the password inputted by theuser is coincident with the password transmitted to the mobile device400, the printing of the printing job corresponding to the password isstarted.

In the explanation of the third embodiment, the device which performsthe password issuance instruction and the device to which the passwordis transmitted are the same (that is, the mobile device 400). However,the device which performs the password issuance instruction may bedifferent from the device to which the password is transmitted. Forexample, the device which performs the password issuance instruction maybe a remote controller for the printer 100, and the device whichreceives the password may be the mobile device carried by each user. Inthis case, the CPU 31 judges in the judgment of the process S103 as towhether or not at least the device which performs the password issuanceinstruction is located within the predetermined range from the printer100. In a case that the device which performs the password issuanceinstruction is not within the predetermined range, the CPU 31 prohibitsthe issuance of the password.

Fourth Embodiment

[Structure of Printing System]

Subsequently, an explanation will be made with reference to FIG. 11about still another embodiment of the operation of the printing system.In a printing system 920 of the fourth embodiment, the printer 100outputs a transmission instruction of the password to the server 300,and the server 300 generates the password. In this regard, the fourthembodiment is different from the first embodiment in which the printer100 generates the password.

In the printing system 920 of the fourth embodiment, at first, theprinting job is entered from the PC 200 to the printer 100 (see “A:printing job” of FIG. 11). Then, similar to the first embodiment, afterthe printing job of the password issuance objective is selected by theuser, the password issuance instruction for the selected printing job isinputted by pressing the password issuance button 41 (see “B: passwordissuance instruction” of FIG. 11). It is noted that, like the thirdembodiment, the password issuance instruction may be inputted by theremote operation from the mobile device 400.

When the printer 100 accepts that the password issuance button 41 ispressed, the printer 100 requests the server 300 to generate thepassword for the printing job. In this embodiment, the printer 100transmits, to the server 300, the transmission instruction to instructgeneration of the password and transmission of said password (“C:transmission instruction” of FIG. 11).

In a case that the server 300 accepts the transmission instruction fromthe printer 100, the server 300 generates the password of the printingjob which is correlated with the transmission instruction. Then, theserver 300 obtains the destination of the password correlated with theuser of the printing job and transmits the password to the mobile device400 and the printer 100 (see “D: password” and “E: password” of FIG.11). Noted that the server 300 may pick up the destination.Alternatively, the printer 100 may pick up the destination to add thedestination to the transmission instruction.

That is, the server 300 of this embodiment executes at least theprocesses S104 to S107 in the password issuance process (see FIG. 3).Accordingly, in this embodiment, the server 300 performs a part of theprocesses performed by the printer 100 in the first embodiment. Thus, itis possible to reduce a load of the printer 100. As a result, theprinting system of this embodiment can be realized even in the printerwhich does not have a high performance.

Before transmitting the password, the server 300 may perform thejudgment of the issuance condition (S103) performed in the passwordissuance process. In a case that the issuance condition is notsatisfied, the issuance of the password may be prohibited. Further, thetransmission instruction may be outputted in a case that after theprinter 100 performs the judgment of the issuance condition (S103) inthe password issuance process and further that the issuance condition issatisfied.

After the printer 100 receives the password from the server 300, theprinter 100 executes the print accepting process to accept the input ofthe password. After the input of the password by the user, the printer100 checks the password inputted by the user against the passwordreceived by the printer 100. Based on the condition that the passwordinputted by the user is coincident with the password received by theprinter 100, the printing of the printing job corresponding to thepassword is started.

As described in detail above, in the printer and the printing system ofthe first to the fourth embodiments, the password of the printing datais transmitted to the destination (for example, the mobile device of theuser having the printing data) which corresponds to the printing data,on the condition that the user operates the operation panel 40 or on thecondition that the issuance instruction is inputted from the externaldevice which is located within the predetermined range from the printer.Accordingly, the password is issued when the user is in the vicinity ofthe printer 100, and it can be expected to shorten the time after thepassword is obtained by the user and before the password is inputted bythe user. Therefore, the password is less likely to be leaked to thethird party.

The embodiments described above are merely examples to which the presentteaching is applied, and the present teaching is not restricted to theembodiments described above. Therefore, it is needless to say thatvarious modifications which fall within the basic teaching herein setforth may be made to the present teaching. For example, the printer maybe any apparatus or device provided at least with a printing function,and the present teaching is applicable to multifunction machines andcopy machines. Further, the information process apparatus through whichthe printing job is entered into the printer is not limited to thepersonal computer. For example, the information process apparatus may bemobile terminals such as the smartphone.

In the embodiments, the printing job is directly transmitted to theprinter 100 from the PC 200. However, the present teaching is notlimited thereto. For example, the printing job may be transmitted to theprinter 100 from the PC 200 via the server 300.

In the embodiments, the password is transmitted to the mobile device 400by the e-mail transmission via the server 300. However, the presentteaching is not limited thereto. For example, in a case that the printer100 is capable of transferring the data directly to and from the mobiledevice 400 and that the printer 100 is capable of identifying individualdestination devices, the password may be transmitted to the mobiledevice 400 directly.

In the embodiments, the password issuance button 41 is displayed on thetouch panel display on the condition that the printing job is selected.However, the password issuance button 41 may be displayed on the touchpanel display from the beginning. Alternatively, other than the touchpanel display, a dedicated button to issue the password may be providedin the operation panel 40. In these embodiments, in a case that thebutton is pressed in a state that the printing job is not selected, theinput of the password may be regarded as invalid or the passwordissuance instructions for all of the stored printing jobs.

In the embodiments, the printer 100 has the destination database 341 inwhich the destination information is stored. However, the server 300 mayhave the destination database 341. In this case, the printer 100inquires of the server 300 to obtain the destination information.Further, the destination information may be added to the printing job.In this case, the transmission of the password in accordance with theuser's request can be performed by giving priority to the destinationwhich is added to the printing job over the destination which is storedin the destination database 341.

In the embodiments, the printer 100 has the condition database 342 inwhich the issuance condition is stored. However, the server 300 may havethe condition database 342. In this case, the printer 100 inquires ofthe server 300 to obtain the issuance condition. Further, the issuancecondition may be added to the printing job. In this case, thetransmission of the password in accordance with the user's request canbe performed by giving priority to the issuance condition which is addedto the printing job over the issuance condition which is stored in thecondition database 342.

In the embodiments, in a case that the security level of the printingjob is high, the number of transmissions in the first transmission(transmission to the first destination) is decreased. However, thepresent teaching is not limited thereto. For example, in the case thatthe security level of the printing job is high, the number oftransmissions may be decreased by prohibiting the second transmission(transmission to the second destination).

What is claimed is:
 1. A printing apparatus which performs printing on amedium based on printing data, the apparatus comprising: a storagesection configured to store printing data and a table including aplurality of records, wherein each record includes an address and asecurity level information of the address; an accepting sectionconfigured to accept an issuance instruction to issue a passwordcorresponding to the printing data; a confidentiality judgment sectionconfigured to judge as to whether confidentiality of the printing datais high or low; an obtaining section configured to obtain addresses fromthe table in the storage section, the obtaining section obtainingaddresses of which security level information is high and low from thetable in the storage section in response to the confidentiality judgmentsection judging the confidentiality of the printing data is low, and theobtaining section obtaining addresses of which security levelinformation is high and not obtaining addresses of which the securitylevel is low from the table in the storage section in response to theconfidentiality judgment section judging the confidentiality of theprinting data is high; a password generating section configured togenerate a password in response to the accepting section accepting theissuance instruction; a transmission section configured to transmit thepassword generated by the password generating section to one of theaddresses obtained by the obtaining section; an input section configuredto accept an input of a password by a user; a judgment sectionconfigured to judge as to whether or not a password accepted by theinput section is coincident with a transmitted password transmitted bythe transmission section; and a printing section configured to startprinting based on the printing data corresponding to the transmittedpassword, in response to the judgment section judging that the passwordaccepted by the input section is coincident with the transmittedpassword; wherein after transmitting the generated password to the oneof the obtained addresses, the transmission section determines whethertransmitting the generated password to the one of the obtained addressesis unsuccessful; wherein the transmission section transmits thegenerated password to another one of the obtained addresses in responseto the transmission section determining that transmitting the generatedpassword to the one of the obtained addresses is unsuccessful.
 2. Theprinting apparatus according to claim 1, further comprising an operationsection configured to accept an input operation by the user, wherein theaccepting section accepts the issuance instruction by the inputoperation to the operation section.
 3. The printing apparatus accordingto claim 1, further comprising a confidentiality judgment sectionconfigured to judge as to whether or not confidentiality of the printingdata is high, wherein in a case that the confidentiality judgmentsection judges that the confidentiality of the printing data is high,the password generated by the password generating section is transmittedto the at least one of the destinations, the number of which is smalleras compared with a case in which the confidentiality judgment sectionjudges that the confidentiality of the printing data is not high.
 4. Theprinting apparatus according to claim 1, wherein the accepting sectionaccepts the issuance instruction by an output from an external device;and the printing apparatus further includes a prohibition sectionconfigured to judge as to whether or not the external device is locatedwithin a predetermined range from the printing apparatus and configuredto prohibit at least one of the generation of the password by thepassword generating section and the transmission of the password by thetransmission section, in a case that the prohibition section judges thatthe external device is not located within the predetermined range. 5.The printing apparatus according to claim 2, further comprising: aposition judgment section configured to judge as to whether or not acommunication device as the destination is located within apredetermined range from the printing apparatus; and a firsttransmission prohibition section configured to prohibit the transmissionof the password by the transmission section in a case that the positionjudgment section judges that the communication device is not locatedwithin the predetermined range.
 6. The printing apparatus according toclaim 2, further comprising: a determining section configured todetermine a period of time in which the transmission of the password bythe transmission section is permitted; and a second transmissionprohibition section configured to prohibit the transmission of thepassword by the transmission section outside the period of timedetermined by the determining section.
 7. The printing apparatusaccording to claim 2, further comprising: a time judgment sectionconfigured to judge as to whether or not an elapsed time after thepassword is transmitted by the transmission section is not less than apredetermined time; and a first print prohibition section configured toprohibit the printing of the printing data corresponding to the passwordby the printing section, in a case that the time judgment section judgesthat the elapsed time is not less than the predetermined time.
 8. Theprinting apparatus according to claim 2, further comprising a notifyingsection configured to send a notice of the transmission of the passwordto an address corresponding to an originating device by which theprinting data corresponding to the password is stored in the storagesection, in a case that the password is transmitted by the transmissionsection.
 9. The printing apparatus according to claim 8, furthercomprising: an instruction accepting section configured to accept aninstruction from the originating device as to whether or not theprinting of the printing data corresponding to the password transmittedby the transmission section is permitted, after the notice is sent tothe address corresponding to the originating device by the notifyingsection; and a second print prohibition section configured to prohibitthe printing of the printing data by the printing section, in a casethat the instruction accepting section accepts an instruction that theprinting is not permitted.
 10. The printing apparatus according to claim2, further comprising an expansion section configured to start expansionof the printing data corresponding to the transmitted password, oncondition of the transmission of the password by the transmissionsection.
 11. A printing system which performs printing on a medium basedon printing data, the system comprising: a printing apparatus whichincludes: a storage section configured to store printing data and atable including a plurality of records, wherein each record includes anaddress and a security level information of the address; an operationsection configured to accept an input operation by a user; and anaccepting section configured to accept an issuance instruction to issuea password corresponding to the printing data by the input operation tothe operation section of the printing apparatus; a confidentialityjudgment section configured to judge as to whether confidentiality ofthe printing data is high or low; an obtaining section configured toobtain addresses from the table in the storage section, the obtainingsection obtaining addresses of which security level information is highand low from the table in the storage section in response to theconfidentiality judgment section judging the confidentiality of theprinting data is low, and the obtaining section obtaining addresses ofwhich security level information is high and not obtaining addresses ofwhich the security level is low from the table in the storage section inresponse to the confidentiality judgment section judging theconfidentiality of the printing data is high; a password generatingsection configured to generate a password in response to the acceptingsection accepting the issuance instruction; a transmission sectionconfigured to transmit the password generated by the password generatingsection to one of the addresses obtained by the obtaining; wherein aftertransmitting the generated password to the one of the obtainedaddresses, the transmission section determines whether transmitting thegenerated password to the one of the obtained addresses is unsuccessful;wherein the transmission section transmits the generated password toanother one of the obtained addresses in response to the transmissionsection determining that transmitting the generated password to the oneof the obtained addresses is unsuccessful.
 12. A printing apparatuscomprising: an image forming section configured to form an image on themedium based on printing data; a storage section configured to store theprinting data and a table including a plurality of records, wherein eachrecord includes an address and a security level information of theaddress; an interface section configured to communicate with externaldevices; an operation section configured to accept an instruction inputby a user; a controller configured to control the image forming section,the storage section, the interface section and the operation section,and configured to: receive an issuance instruction to issue a passwordcorresponding to the print data via the operation section; judge whethera security level of the printing data is high or low; obtain addressesof which security level information is high and low from the table inthe storage section in response to the security level of the printingdata being judged to be low is low, and obtain addresses of whichsecurity level information is high and not obtaining addresses of whichthe security level is low from the table in the storage section inresponse to the security level of the printing data being judged to behigh; generate a password in response to receiving the issuanceinstruction; transmit the generated password to one of the obtainedaddresses through the interface section; after transmitting thegenerated password to the one of the obtained addresses, determinewhether transmitting the generated password to one of the obtainedaddresses is unsuccessful; transmit the generated password to anotherone of the obtained addresses through the interface section in responseto the transmission of the generated password to the one of the obtainedaddresses is determined to be unsuccessful; in response to the operationsection receiving an input of a password after transmitting thegenerated password to any one of the obtained addresses, judge whetheror not the password accepted via the operation section is coincidentwith the transmitted password; and in response to the controller judgingthat the operation section accepts a password and the password acceptedby the operation section is coincident with the transmitted password,start printing based on the received printing data stored in the storagesection.
 13. A printing apparatus comprising: an image forming sectionconfigured to form an image on the medium based on a printing data; astorage section configured to store a printing data and a tableincluding: a plurality of records, wherein each record includes addressand security information; an interface section; an operation sectionconfigured to accept an instruction input by a user; and a controllerconfigured to control the image forming section, the storage section,the interface section and the operation section, to: receive a printingdata from an originating device via the interface section; store thereceived printing data in the storage section; judge whether thesecurity level of the printing data is high or low; obtain, from thetable in the storage section, address included in a record of which thesecurity level information is high in response to the security level ofthe printing data is judged to be high; obtain, from the table in thestorage section, address included in a record of which the securitylevel information is both high and low in response to the security levelof the printing data is judged to be low; generate a password; transmitthe generated password to one of the obtained address through theinterface section; after transmitting the generated password to the oneof the obtained address, send, to the to the originating device throughthe interface section, a notice for notifying that the password istransmitted to the obtained address; and start printing based on thereceived printing data stored in the storage section in response to thecontroller judging that the operation section accepts a password and thepassword accepted by the operation section is coincident with thetransmitted password.